sudo-rs shows password asterisks by default – break with Unix tradition

The Rust implementation sudo-rs now shows asterisks by default when typing passwords. A break with long Unix tradition.

The Rust implementation sudo-rs breaks with a decades-old Unix convention: by default, asterisks now appear on the screen when typing passwords. According to a commit in the GitHub repository, the software has enabled the “pwfeedback” option by default since mid-February 2026. Traditionally, for 46 years, sudo has provided no feedback when typing passwords – a conscious design decision for security reasons.

The developers justify the change with usability improvements for new users. The commit message states that security is theoretically worse because the password length becomes visible to observers in the user's immediate vicinity, but that this minimal disadvantage is outweighed by significantly improved usability. Indeed, sudo is one of the last Unix tools that provide no visual feedback at all when entering passwords; other applications have long shown placeholder characters.

The change affects users of all Ubuntu versions that use sudo-rs by default. In a bug report, at least one traditionally-minded user vehemently complained about the change: displaying asterisks violates decades of practice and reveals the password length to “shoulder surfers” – people looking over the user's shoulder. However, Ubuntu marked the bug report as “Won't Fix.” A rollback of the change is not planned.

Administrators who prefer the old behavior can deactivate the asterisk display. To do so, insert the line “Defaults !pwfeedback” into the sudoers configuration file. For server environments, the change is likely less relevant, as SSH keys are typically used instead of passwords there.
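
One way to apply that setting without risking a broken sudoers file, as an added example that is not from the article or the sudo-rs project: the function stages a drop-in file, checks it with visudo -c -f, and only then renames it into place. The include directory /etc/sudoers.d, the file name 50-no-pwfeedback and the VISUDO override variable are assumptions.

```shell
#!/bin/sh
# Added example, not from the article or the sudo-rs project.
# Assumptions: the include directory /etc/sudoers.d, the file name
# 50-no-pwfeedback and the VISUDO override variable are hypothetical choices.

# install_no_pwfeedback DIR [NAME]
# Writes "Defaults !pwfeedback" to DIR/NAME (mode 0440) and prints the path.
# The file is syntax-checked before it gets its final name, so a broken
# file is never picked up by sudo.
install_no_pwfeedback() {
    dir=$1
    name=${2:-50-no-pwfeedback}
    checker=${VISUDO:-visudo}

    # sudo skips include files whose name contains "." or ends in "~".
    case $name in
        *.*|*~) echo "file name would be ignored by sudo: $name" >&2; return 1 ;;
    esac

    # Stage under a dotted name in the same directory: ignored by sudo,
    # and the final rename is atomic.
    tmp=$(mktemp "$dir/.no-pwfeedback.XXXXXX") || return 1
    printf '%s\n' \
        '# Restore silent password prompts' \
        'Defaults !pwfeedback' > "$tmp"
    chmod 0440 "$tmp"

    # -c: check only, -f: check this file instead of the default sudoers.
    if ! "$checker" -c -f "$tmp" >/dev/null 2>&1; then
        echo "syntax check failed, nothing installed" >&2
        rm -f "$tmp"
        return 1
    fi

    mv -f "$tmp" "$dir/$name" || { rm -f "$tmp"; return 1; }
    printf '%s\n' "$dir/$name"
}

# Usage (as root, so the file is owned by root):
#   install_no_pwfeedback /etc/sudoers.d
```

Afterwards, running sudo -k followed by any sudo command shows whether the prompt is silent again.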

sudo-rs is a complete reimplementation of the sudo command in the Rust programming language. The project aims to avoid the security issues that can arise from the original's 30-year-old C codebase. Rust, through its borrow checker, prevents entire classes of memory management errors such as buffer overflows. sudo-rs can now be used instead of the conventional sudo in many other distributions, although a transition comparable to Ubuntu's has not yet occurred in other mainstream systems.

The Trifecta Tech Foundation, which develops sudo-rs, has had the project externally audited twice. The last audit in August 2025 found no security vulnerabilities. During the first audit in 2023, the auditors discovered a path traversal vulnerability, which also affected the original sudo. Ubuntu users can switch back to the classic sudo via update-alternatives up to version 26.04.

(fo)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.